---
- name: setup the database
  hosts: db01.iad2.fedoraproject.org:db01.stg.iad2.fedoraproject.org
  gather_facts: no
  become: yes
  become_user: postgres
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  tasks:
    - name: resultsdb DB user - prod
      postgresql_user:
        name: "resultsdb"
        password: "{{ prod_resultsdb_db_password }}"
      when: env != 'staging'
    - name: resultsdb DB user - staging
      postgresql_user:
        name: "resultsdb"
        password: "{{ stg_resultsdb_db_password }}"
      when: env == 'staging'
    - name: resultsdb database creation
      postgresql_db:
        name: "resultsdb"
        owner: "resultsdb"
        encoding: UTF-8


- name: make the app be real
  hosts: os_control[0]:os_control_stg[0]
  user: root
  gather_facts: no
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
    - /srv/web/infra/ansible/roles/openshift-apps/resultsdb/vars/main.yml

  roles:
    - role: rabbit/user
      username: "resultsdb{{ env_suffix }}"
      sent_topics: ^org\.fedoraproject\.{{ env_short }}\.resultsdb\..*

    # The openshift/project role breaks if the project already exists:
    # https://pagure.io/fedora-infrastructure/issue/6404
    - role: openshift/project
      app: resultsdb
      description: resultsdb
      appowners:
        - ralph
        - mjia
        - dcallagh
        - gnaponie
        - cverna
        - pingou
        - lholecek
        - vmaljulin
        - lrossett
      tags:
        - apply-appowners

    - role: openshift/secret-file
      app: resultsdb
      secret_name: resultsdb-fedora-messaging-key
      key: resultsdb.key
      privatefile: "rabbitmq/{{env}}/pki/private/resultsdb{{env_suffix}}.key"

    - role: openshift/secret-file
      app: resultsdb
      secret_name: resultsdb-fedora-messaging-crt
      key: resultsdb.crt
      privatefile: "rabbitmq/{{env}}/pki/issued/resultsdb{{env_suffix}}.crt"

    - role: openshift/secret-file
      app: resultsdb
      secret_name: resultsdb-fedora-messaging-ca
      key: resultsdb.ca
      privatefile: "rabbitmq/{{env}}/pki/ca.crt"

    # backend objects
    - role: openshift/object
      app: resultsdb
      template: backend/secrets.yml
      objectname: backend-secrets.yml

    - role: openshift/object
      app: resultsdb
      template: backend/configmaps.yml
      objectname: backend-configmaps.yml

    - role: openshift/object
      app: resultsdb
      template: backend/deploymentconfigs.yml
      objectname: backend-deploymentconfigs.yml

    - role: openshift/object
      app: resultsdb
      template: backend/services.yml
      objectname: backend-services.yml

    - role: openshift/route
      app: resultsdb
      routename: resultsdb-api
      host: "resultsdb{{ env_suffix }}.fedoraproject.org"
      serviceport: api
      servicename: resultsdb-api
      path: /api

    # frontend objects
    - role: openshift/object
      app: resultsdb
      template: frontend/secrets.yml
      objectname: frontend-secrets.yml

    - role: openshift/object
      app: resultsdb
      template: frontend/configmaps.yml
      objectname: frontend-configmaps.yml

    - role: openshift/object
      app: resultsdb
      template: frontend/deploymentconfigs.yml
      objectname: frontend-deploymentconfigs.yml

    - role: openshift/object
      app: resultsdb
      template: frontend/services.yml
      objectname: frontend-services.yml

    - role: openshift/route
      app: resultsdb
      routename: resultsdb-web
      host: "resultsdb{{ env_suffix }}.fedoraproject.org"
      serviceport: web
      servicename: resultsdb-frontend
      path: /

    # rollouts
    - role: openshift/rollout
      app: resultsdb
      dcname: "resultsdb-api"
      failed_when: false

    - role: openshift/rollout
      app: resultsdb
      dcname: "resultsdb-frontend"
      failed_when: false
